HiringCafe
Posted 3d ago

Examiner/Senior Examiner (Operational Risk)

@ Federal Housing Finance Agency
View All Jobs
Salt Lake City or Seattle or Phoenix or Los Angeles or San Francisco or Denver or Washington
$112k-$251k/yrHybridFull Time
Responsibilities:Assess IT, Evaluate IT, Advise leadership
Requirements Summary:Experience in IT/IS risk assessment, cybersecurity, and regulatory supervision; strong analytical and communication skills.
Save
Mark Applied
Hide Job
Report & Hide
Job Description
Security Clearance

Other

Duties

Division of FHLBank Regulation The Division of FHLBank Regulation (DBR) is responsible for carrying out the FHFA's statutory duties for ensuring that: 1) the Federal Home Loan Banks (FHLBanks) and the Office of Finance (OF) operate safely and soundly, and 2) the FHLBanks remain adequately capitalized. These functions are performed through on-site examinations and off-site monitoring of the FHLBanks and the OF. DBR also is responsible for policy and regulatory analysis, formulating and planning strategic goals, and conducting and evaluating long-range projects and proposals for all Agency programs relating to the FHFA's supervision and oversight of the FHLBank System. DBR monitors and analyzes the financial condition and performance of the FHLBanks and the market, credit, liquidity, operational, and model risks facing the FHLBanks. DBR collects financial and other data from the FHLBanks to support the Division's regulatory, policy, supervisory, monitoring, and examination functions. Monitoring and analysis staff participate in on-site examinations at the FHLBanks/OF and provide analyses of issues affecting the FHLBanks/OF as requested by the Deputy Director. Position Overview The Examiner/Senior Examiner (Operational Risk) will be responsible for performing examinations and ongoing monitoring of the FHLBanks' highly complex operational risk-related activities, with a primary focus on FHLBank and OF operational risk management, business processes, information security, information technology, data management, and business resiliency to identify and assess emerging and embedded risks. They will provide authoritative guidance on extremely complex and/or very controversial issues on FHLBank and OF operational risk activities and other supervision matters that may have broad implications; analyze the implications and impact of current and proposed supervision policies, programs, and practices; and may examine other component areas as assigned or serve as an Examiner-In-Charge. Major Duties & Responsibilities The Examiner/Senior Examiner (Operational Risk) duties listed below are at the EL-14 grade level. Depending on the grade level selected, the incumbent will perform the following duties with varying levels of supervision and difficulty: Assess information technology (IT) and information security (IS) risk management programs, including IT governance, cybersecurity, vendor risk, system development, and business continuity to identify risk and control weaknesses. Evaluation of IT/IS infrastructure and control environments (e.g., systems, networks, databases, application, and security controls), including cybersecurity practices such as vulnerability management, penetration testing, and access controls. Assess the effectiveness of IT/IS processes and controls (e.g., access management, change management, incident response, configuration management, and lifecycle management) using established frameworks. Conduct risk-based examinations and ongoing monitoring activities, including analyzing trends, identifying emerging risk, and evaluating IT/IS risks within broader operational and enterprise risk management programs. Advise leadership and stakeholders on IT/IS and cybersecurity risks, including evaluating IT/IS audit functions, communicating risk in a business context, and recommending improvements to strengthen risk management and supervisory strategies. Perform other duties as assigned.

Qualifications

You may qualify for your desired series and grade level if you meet the following qualification requirements: BASIC REQUIREMENTS: To be eligible for the 0570 series, you must meet one of the following requirements: A. Undergraduate and Graduate Education: Major study -- accounting, banking, business administration, commercial or banking law, economics, finance, marketing, or other fields related to the position. -OR- B. Specialized Experience (for positions above GS-5): Examples of qualifying specialized experience include: Work requiring a thorough knowledge and the application of commercial accounting or auditing principles and practices (but less than full professional accounting knowledge) with a financial institution. Examining or auditing such financial institutions as savings and loan associations, savings or commercial banking institutions or trust companies, farm credit associations, or Federal or State credit unions. Professional accounting or auditing work that provided a broad knowledge of the application of accounting or auditing principles and practices. Work that provided a thorough knowledge of Federal and State laws applicable to the type of financial institution involved (e.g., savings and loan associations, Bank for Cooperatives, savings or commercial banks, investment institutions, etc.), and of the operations and practices of such institutions. -OR- C. Certificate: A certificate as a Certified Public Accountant (CPA) obtained through written examination in a State, territory, or the District of Columbia meets the EL/GS-5 level requirements. Applicants with such certificates may also qualify for higher grade levels based on their education and or experience. In addition to meeting the above basic education, experience, or certification requirements, applicants must also meet the following minimum qualifications for their desired grade level: MINIMUM QUALIFICATIONS: Minimum Qualification EL-12: Applicants must have 52 weeks (one-year) of specialized experience equivalent to the next lower grade level as described below. Experience: I qualify for the EL/GS-12 because I have at least 52 weeks of specialized experience at the EL/GS-11 or equivalent demonstrating work experience with one or more of the statements described below. Examples of specialized experience include: Participating in assessments, examinations, audits, or monitoring activities with a focus on information technology (IT), information security (IS), or IT/IS compliance programs, including assessing areas such as IT governance, information security, vendor management, or business continuity to identify risks or control weaknesses; AND/OR Evaluating IT and IS infrastructure components (e.g., systems, networks, databases, applications, or security controls) to identify potential vulnerabilities, control gaps, or compliance issues; AND/OR Assessing IT/IS processes (e.g., access control, patch management, incident response, change management, or vulnerability management) using established frameworks to support risk identification and control evaluation; AND/OR Preparing or contributing to technical deliverables (e.g., workpapers, risk assessments, monitoring reports, or findings documentation) that clearly communicate IT/IS risks, trend analysis, control effectiveness, and recommendations to stakeholders. Minimum Qualification EL-13: Applicants must have 52 weeks (one-year) of specialized experience equivalent to the next lower grade level as described below. Experience: I qualify for the EL/GS-13 because I have at least 52 weeks of specialized experience at the EL/GS-12 or equivalent demonstrating work experience with one or more of the statements described below. Examples of specialized experience include: Conducting complex assessments, examinations, audit activities, or ongoing monitoring activities focused on IT and IS risks, including determining scope and methodology, and assessing areas such as IT governance, cybersecurity, vendor management, system development, or business resiliency; AND/OR Serving as a subject matter expert or team leader in evaluating IT or IS management programs, including governance, risk management, and control frameworks, and assessing the effectiveness of IT/IS processes and controls; AND/OR Analyzing complex or emerging IT/IS risks, including evaluating the scope and sufficiency of penetration testing, vulnerability management, patch management, and access controls, and identifying trends, significant deficiencies, and recommending corrective actions; AND/OR Communicating complex technical information, both orally and in writing, to management, stakeholders, or senior officials, clearly articulating IT/IS risks, impacts, and recommendations. Minimum Qualification EL-14: Applicants must have 52 weeks (one-year) of specialized experience equivalent to the next lower grade level as described below. Experience: I qualify for the EL/GS-14 because I have at least 52 weeks of specialized experience at the EL/GS-13 or equivalent demonstrating work experience with one or more of the statements described below. Examples of specialized experience include: Leading or directing highly complex assessments, examinations, audit activities, or ongoing monitoring activities focused on IT and IS risks, including designing risk-based strategies and evaluating areas such as IT governance, cybersecurity programs, vendor management, enterprise architecture, or business continuity; AND/OR Serving as a senior technical authority in evaluating IT/IS management and risk management programs, including assessing how IT/IS risks integrate with broader organizational and business line risks; AND/OR Evaluating and advising on the effectiveness of cybersecurity programs, vulnerability testing, network security, and IT/IS control environments, including identifying trends, systemic issues, and recommending improvements; AND/OR Advising leadership and influencing organizational or program-level strategies, policy development, or regulatory approaches related to IT/IS risk, cybersecurity, or emerging technology risks, including interpreting requirements and guiding responses to complex, sensitive, or high-risk issues. *Audit or safety and soundness examination experience strongly desired. Commissioned examiners strongly encouraged to apply* **Failure to provide your transcripts, when required, for any of the options above will remove you from the hiring process** Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

Education

ARE YOU USING YOUR EDUCATION TO QUALIFY? You MUST provide transcripts or other documentation to support your educational claims. Unless otherwise stated: (1) official or unofficial transcripts are acceptable, or (2) you may submit a list with all of your courses, grades, semester, year, and credit for the course. All materials must be submitted by the closing date of the announcement. GRADUATE EDUCATION: One academic year of graduate education is considered to be the number of credits hours your graduate school has determined to represent one academic year of full-time study. Such study may have been performed on a full-time or part-time basis. If you cannot obtain your graduate school's definition of one year of graduate study, 18 semester hours (or 27 quarter hours) should be considered as satisfying the requirement for one year of full-time graduate study. FOREIGN EDUCATION: If you are using education completed in foreign colleges or universities to meet the qualification requirements, you must show the education credentials have been evaluated by a private organization that specializes in interpretation of foreign education programs and such education has been deemed equivalent to that gained in an accredited U.S. education program; or full credit has been given for the courses at a U.S. accredited college or university. For further information, visit: http://www.ed.gov/about/offices/list/ous/international/usnei/us/edlite-visitus-forrecog.html

Other Information

An Overview of FHFA's Benefits provides a summary of benefits for the current fiscal year. Out-stationed Locations/Duty Station: Selectee is eligible for establishing their home residence as their duty station based on the examiner job requirement to spend a minimum of 25 days annually to conduct on-site examinations of the FHLBanks and the Office of Finance in Reston, Virginia. Selectees generally must reside within 50 miles of a major airport. Major airports include those that the FAA designates as a Large Hub (L) airport (see https://www.faa.gov/sites/faa.gov/files/2024-06/cy23-commercial-service-enplanements-preliminary.pdf) and have routes to the locations of the eleven Federal Home Loan Banks and the Office of Finance that are efficient based on flight times and costs. FHFA Employees: Out-stationed employees may retain status if selected. All others report to Constitution Center. Males born after 12-31-59 must be registered or exempt from Selective Service (see https://www.sss.gov/RegVer/wfRegistration.aspx). Career Transition Assistance Programs: These programs apply to employees who have been involuntarily separated from a Federal service position within the competitive service or Federal service employees whose positions have been deemed surplus or no longer needed. To receive selection priority for this position, you must: (1) meet CTAP or ICTAP eligibility criteria; (2) be rated well-qualified for the position and, (3) submit the appropriate documentation to support your CTAP or ICTAP eligibility. For more information visit: http://www.opm.gov/rif/employee_guides/career_transition.asp. FHFA is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment regardless of race, color, religion, gender (including pregnancy, sexual orientation, and gender identity), national origin, disability (physical or mental), age (40 years of age or over), genetic information, parental status, marital status, prior protected EEO activity, political affiliation, or other non-merit factors. REASONABLE ACCOMMODATION: FHFA provides reasonable accommodations to applicants with disabilities, except when doing so would pose an undue hardship on the Agency. If you need a reasonable accommodation for any part of the application and hiring process, please notify FHFA. The Agency's decision on granting a reasonable accommodation will be made on a case-by-case basis. [email protected] Ethics: FHFA employees are subject to government-wide ethical standards of conduct, financial disclosure requirements, and post-employment prohibitions. In addition, certain FHFA employees are prohibited from accepting compensation from Fannie Mae and Freddie Mac for a two-year period after terminating employment with FHFA. Furthermore, to avoid financial conflicts-of interest or the appearance of conflicts-of-interest, FHFA employees may need to divest or sell certain assets they, their spouse, or minor children own or control, including securities issued by Fannie Mae, Freddie Mac, or the Federal Home Loan Banks. Employees who work on Federal Home Loan Bank issues may need to sell or divest financial interests with any of the Federal Home Loan Bank members, which may include stock in bank holding companies, insurance companies, and other financial services firms. Questions regarding these requirements and prohibitions should be directed to the Office of General Counsel at (202) 649-3088.